Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HPE Aruba Networking Wireless Operating System (AOS) — Vulnerabilities & Security Advisories 27

All 27 CVE vulnerabilities found in HPE Aruba Networking Wireless Operating System (AOS), with AI-generated Chinese analysis, references, and POCs.

Vendor: Hewlett Packard Enterprise (HPE)

CVE IDTitleCVSSSeverityPublished
CVE-2026-44871 Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44873 Insufficient Session Invalidation on User Account Deactivation in AOS-8 Operating System 5.4 Medium2026-05-12
CVE-2026-44874 Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface 4.9 Medium2026-05-12
CVE-2026-44872 Authenticated Arbitrary File Upload via Command Injection in AOS-8 AND AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-44870 Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44869 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44868 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44867 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44866 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44865 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44864 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44863 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44862 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44861 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44860 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44859 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44858 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44857 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44856 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44855 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44854 Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-44853 Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-44852 Authenticated Remote Code Execution via Arbitrary File Overwrite in the AOS-8 and AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-23827 Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service 7.5 High2026-05-12
CVE-2026-23826 Unauthenticated Denial of Service in AOS-8 Network Management Service 7.5 High2026-05-12
CVE-2026-23825 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component 7.5 High2026-05-12
CVE-2026-23824 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component 7.5 High2026-05-12

All 27 known CVE vulnerabilities affecting HPE Aruba Networking Wireless Operating System (AOS) with full Chinese analysis, references, and POCs where available.